Reference
Security Glossary
Key security terms explained in a compact, citable format: definition, context and the questions that keep coming up.
Bitcoin and Cryptography
Bitcoin is not just a means of payment - it is a living proof of how elegantly cryptography can solve real security problems. After 15 years without a …
Read the entry →
CNAPP and CSPM 2025
Misconfigurations are the most common cause of cloud security incidents - not sophisticated attacks, but an incorrectly opened S3 bucket or an overly broad IAM role. Cloud Security …
Read the entry →
Confidential Computing
Today’s data is reliably encrypted - at rest and in transit. Yet during processing, it resides unencrypted in RAM. Confidential Computing closes this final gap using hardware-based enclaves. …
Read the entry →
CRA
Cyber Resilience Act explained: which products it covers, what manufacturers must report by September 2026, and how it differs from NIS2.
Read the entry →
Cybersecurity vs. Network Security – What’s the Difference?
Network security focuses on data in motion - data traversing a network. Cybersecurity, by contrast, protects stored data - data at rest. Companies across all industries are drowning …
Read the entry →
DORA
Learn how DORA impacts the financial sector, key compliance requirements since January 2025, and how it differs from NIS2.
Read the entry →
EDR vs XDR
EDR and XDR explained: how endpoint detection works, when XDR makes the difference, and how both compare to SIEM and NDR.
Read the entry →
How a DDoS Attack Unfolds
Denial-of-Service attacks are becoming an increasingly popular tool for hackers to target websites and servers. But how does a DDoS attack work? For businesses, having servers or cloud …
Read the entry →
ISO 27001
ISO 27001 explained: what the standard requires, what certification truly means, and how it compares to BSI IT-Grundschutz and NIS2.
Read the entry →
ITDR Joins SIEM and EDR
Identity Detection will be the third SOC layer in 2026. ITDR sees what EDR and SIEM don't. Three architecture options for DACH security teams.
Read the entry →
MDR
MDR explained: what Managed Detection and Response offers, how it differs from MSSP and in-house SOC, and key selection factors.
Read the entry →
NIS2
NIS2 introduces new cybersecurity rules. Learn who must comply, key obligations since December 2025, and why executives face personal liability.
Read the entry →
Passkey
Passkeys explained: how passwordless FIDO2 logins work, why they block phishing attacks, and how to make the switch seamlessly.
Read the entry →
Penetration Test
Penetration testing explained: what a simulated attack achieves, how it works, and how it differs from vulnerability scans and red teaming.
Read the entry →
Phishing
Phishing explained: how attacks work, from spear-phishing to quishing, and why passkeys offer the best protection.
Read the entry →
Post-Quantum Cryptography
Post-quantum cryptography explained: why quantum computers threaten RSA, what NIST standards cover, and how businesses can start now.
Read the entry →
Ransomware
Ransomware explained: how attacks unfold, what double extortion means, and five key BSI-recommended protection measures.
Read the entry →
SIEM
SIEM explained: how centralized log correlation works, how it differs from SOC and XDR, and costly mistakes to avoid during implementation.
Read the entry →
SOC
Security Operations Center explained: what a SOC does, key roles, and why MDR is often a more realistic choice for mid-sized businesses.
Read the entry →
Zero Trust
Zero Trust explained: the meaning behind 'never trust, always verify,' key components, and why Zero Trust isn't a product.
Read the entry →